Recently, due to rapid development of information communication techniques and the spread of information communication network, electronic transaction such as internet shopping, banking services, or electronic commerce and electronic payments between companies has been actively in progress. The non-faced credit transaction uses the network communication. Since it is difficult for parties to the transaction to verify identification of the parties to the transaction and determine and verify the authenticity of the transactions, the non-faced credit is most likely to include various problems including denying the transaction fact and the like.
As a result, a method for authenticating memberships by using a certificate has been widely used, and the certificate is a digital certificate which is issued from a certificate authority to be hold in the member and includes an owner's name, a serial number, an owner's public key copy, a digital signature of the certificate issuing authority, and the like.
The certificate has a public key infrastructure (PKI) applying an asymmetric cryptography method in which encryption and decryption are possible by using a pair of a public key and a private or secret key which correspond to each other.
In addition, in the electronic payment, since the authentication is received by an authentication request with the electronic signature in which encryption and decryption are possible by the certificate authority and a fixed rule of hashing algorithm using the pair of the public key and the private key which correspond to each other, in this process, the possibility of the third part's intervention is extremely low and thus, safe no-facing transaction is possible.
However, when the electronic transaction is performed with the credit card using the certificate, if a password of the certificate and a card number of the credit card are known, actually, there is a problem in that even the transaction part without holding the card may perform the electronic transaction. Accordingly, when the on/off-line transaction is performed by using the credit card, a transaction service requiring verification of whether a user holds a medium (credit card) is required. With regard to the present invention, Korea Patent publication No. 2010-0006004 (authentication process method and system, and card terminal for authentication process using card) is present.